Compliance
How Centrify maintains compliance with industry standards and regulations.
Overview
Centrify is committed to maintaining compliance with relevant industry standards and regulations. Our compliance program is designed to ensure that our platform meets or exceeds the requirements of these standards, providing you with confidence in the security and reliability of our services.
Certifications and Attestations
- SOC 2 Type II: Centrify undergoes regular SOC 2 Type II audits to validate our security, availability, processing integrity, confidentiality, and privacy controls.
- ISO 27001: Our information security management system is certified to the ISO 27001 standard, demonstrating our commitment to best practices in security management.
- HIPAA: For customers in the healthcare industry, we offer HIPAA compliance and will sign Business Associate Agreements (BAAs) with eligible customers.
- GDPR: Our platform and processes are designed to support GDPR compliance, with features for data subject rights, data protection impact assessments, and more.
Compliance Features
Centrify provides features to help you maintain compliance with your own regulatory requirements:
- Audit Logging: Comprehensive audit logs of all system activities to support compliance monitoring and reporting.
- Access Controls: Fine-grained access controls and role-based permissions to enforce separation of duties.
- Data Residency: Options for data residency in specific geographic regions to meet local regulatory requirements.
- Compliance Reporting: Built-in reports and dashboards to help you demonstrate compliance to auditors and regulators.
Continuous Compliance
Our approach to compliance is ongoing and proactive:
- Regular internal and external audits to verify compliance
- Continuous monitoring of regulatory changes and updates
- Proactive implementation of new compliance requirements
- Regular training for all employees on compliance requirements